Trojan worms way into Apple computers

Apple users opting not to grab a free 30 day demo version iWork 09, or even cough up the bucks for a full retail version, have found themselves getting more than they bargained for. It appears that something in the region of 20,000 people have downloaded a pirated version of iWork 09 which comes complete with something called OSX.Trojan.iServices.A

According to Mac security specialists Intego the newly discovered Trojan poses a serious risk to OSX users. The iWork 09 BitTorrent download will install OK, but will also dump the iWorkService.pkg package onto your Mac which becomes a startup item with read, write and execute permissions for root.

The first thing it then does it let the bad guys know you have installed it by connecting to a remote server, and the bad guys then get control of your Mac. "The risk of infection is serious, and users may face extremely serious consequences if their Macs are accessible to malicious users" Intego says. Although the actual payload is unknown at this time, additional malware downloads to your already infected Mac are a given.

It seems the only 'cure' would be to format the drive and reinstall OSX. Let's hope that this helps get the message across that Macs are not immune to security problems.

I roll my eyes every time I see the announcement of a new "Mac OS X Trojan". Only the idiots who download illegal crap from filesharing sites are at risk, and the fact that it's another OS X "Trojan" is so misleading: anything can be a Trojan if you want it to.

Save that in a file, name it MyAwesomeProgram, and put it on a web server. Anyone who downloads, executes it that has sudo privileges to rm will have their root wiped out. I've just created a Unix Trojan! Once you manage to convince someone (with the help of social engineering) to give you an administration password, any 'vulnerabilities' of the OS can now be considered invalid, since anything with root can pretty much do whatever the hell it wants.